View and manage CylancePERSONA Desktop alerts Skip Navigation

View and manage
CylancePERSONA Desktop
alerts

CylancePERSONA Desktop
alert data is retained for 90 days in the management console.
  1. In the management console, on the menu bar, click
    Persona
    .
  2. Do any of the following:
    Task
    Steps
    View the details for an alert.
    1. In the left pane, click an alert.
    An alert can be any of the following:
    • 2FA Provisioning: The user set up two-factor authentication on a device.
    • Alert Only: An alert was triggered for the user. No mitigation action has been triggered.
    • Failed 2FA Logon: The user failed to pass the 2FA logon.
    • Forced Step-Up Authentication (Mitigation Triggered): The user was required to enter their username and password or to pass a 2FA challenge to continue using the device.
    • Lateral Movements: The user's credentials are being used to log in to another device, which can be a sign of compromised user credentials.
    • User Failed Logon: The user failed to enter the correct username and password when logging into the device.
    Sort alerts by severity.
    1. Click
      Severity
      .
    Change the scope of the alerts data.
    1. Click
      LAST 24 HRS
      or
      LAST 30 DAYS
      .
    Set an action for alerts.
    1. Select the check box for one or more alerts.
    2. In the
      Select Action
      drop-down list, click
      In Progress
      ,
      Reviewed
      , or
      False Positive
      .
    Filter the alerts data
    Use the options at the top of the screen to filter the data by alert type, date range, severity, status, username, and zone.
    Click
    Clear all filters
    to remove the current filters.